Cisco is a long-time leader in delivering cutting-edge firewalls for the broadest possible variety of environments. Cisco's Firepower NGFWs Firewalls provide an advanced cybersecurity solution that combines dedicated hardware, cloud-based services, and machine learning to anticipate, identify, and mitigate threats without manual intervention. Progent's Cisco-certified CCIE firewall experts can assist you to design and carry out a smooth migration to Cisco Firepower firewalls from Cisco's from ASA 5500-X, ASA 5500, or PIX firewalls and help you enhance Firepower firewalls with Cisco's subscription-based security services to create and centrally manage network ecosystems that include local offices, data centers, private clouds and public clouds. Progent can also help you to maintain and troubleshoot legacy Cisco firewalls. Progent's certified network security experts can help you with policy creation and tuning driven by industry best practices in order to establish a consistent and effective security posture that applies to all your networked devices at any location.
Cisco's Firepower NGFW Firewall Appliances
Cisco's Firepower Next Generation Firewalls (NGFWs) deliver a major performance improvement compared to Cisco's popular ASA 5500-X security appliances and include centralized management and automation of modern security features like application visibility, next-generation intrusion protection (NGIPS) with risk prioritization, advanced malware protection, distributed denial of service (DDoS) mitigation, and sandboxing. For more information about Cisco's Firepower family of NGFWs Firewalls, see Firepower firewalls integration expertise.
Cisco's ASA 5500-X and Legacy Firewalls
Cisco’s ASA 5500-X Series, ASA 5500, and PIX firewall appliances offer integrated firewall, VPN, and intrusion prevention system capabilities in single-box packages, delivering a wide range of features to match the security needs of organizations ranging from small and mid-size businesses to enterprises and ISPs. Cisco’s ASA 5500-X, ASA 5500 Series, and PIX firewalls enable IT security teams to defend their network perimeter and provide secure remote connectivity while using powerful management tools built on Cisco's world-class firewall products.
Cisco’s ASA 5500 Series and PIX 500 firewall appliances have arrived at end-of-life status but are still widely deployed in smaller organizations and in a few larger networks. Cisco’s ASA 5500-X Series Next-Generation Firewalls represent significantly more value and have supplanted Cisco's ASA 5500 and PIX lines of firewalls for new installations. However, Cisco's legacy firewalls, if carefully managed, continue to offer a high degree of security by supplying multiple security functions such as stateful firewall, Virtual Private Network (VPN) connections, and IPS.
Following Cisco's acquisition of Sourcefire, the entire line of ASA 5500-X devices can be configured to enable Firepower Services, built on Sourcefire's Snort product, which is the world's most deployed network intrusion protection system (IPS). Firepower services bring enhanced features including advanced malware protection (AMP), URL filtering, real-time threat analytics, and automation.
Progent's Cisco-certified infrastructure consultants can assist you to support and debug legacy ASA 5500 and PIX 500 firewalls and can also assist you to plan and implement a smooth migration to Cisco’s ASA 5500-X Series firewalls with Firepower. Progent can also assist you to plan, configure, optimize, manage and debug new firewall solutions based on Cisco's current ASA 5500-X firewalls with Firepower. Progent can also help you to upgrade from your Cisco ASA 5500-X deployment to Cisco's latest Firepower NGFWs Firewalls.
Cisco's ASA 5500-X Series Firewalls
Cisco's extensive family of ASA 5500-X security appliances includes an improved replacement for each rack-mountable model in the previous ASA 5500 generation of firewalls. Each ASA 5500-X firewall targets the same environment as the associated earlier models, which offers small and midsize businesses plenty of choice for selecting a solution that meets their security requirements and IT budgets. All ASA 5500-X firewalls are based on Cisco's tested stateful-inspection firewall technology and all incorporate 64-bit hardware with multicore CPUs and are capable of running Cisco's powerful security services. All devices in Cisco's ASA 5500-X family provide consistent security across any mix of physical, virtual, and cloud deployments.
For additional information about Cisco's ASA 5500-X firewalls, Cisco Firepower services, and Progent's support for Cisco ASA 5500-X firewalls, go to Firepower configuration and debugging consulting
Firepower Services for ASA 5500-X Security Appliances
Cisco ASA 5500-X security appliances work with software or hardware modules that enable Cisco's Firepower Services, which provide layered defense against advanced threats. Cisco's Firepower Services are based on innovative technology adopted by Cisco from Sourcefire. Key features of Firepower Services for ASA 5500-X security appliances include:
Simpler deployments of ASA 5500-X firewalls can be efficiently administered using Cisco's on-device Adaptive Security Device Manager (ASDM) Adaptive Security Device Manager, a web utility provided with all ASA 5500-X models. ASDM includes a convenient web dashboard for configuring, managing, and debugging ASA 5500-X firewalls and modules.
For multi-device and multi-site deployments, ASA 5500-X appliances with Firepower can be administered with Firepower Management Center, available as one or several physical or virtual devices. Cisco's Firepower Management Center offers centralized firewall management, Application Visibility and Control, enhanced IPS, URL filtering, and Advanced Malware Protection (AMP). Because of frequent rebranding since Cisco's purchase of Sourcefire Defense Center, Firepower Management Center has been offered under various names that include Cisco Defense Center, Cisco Firesight Defense Center, and Cisco Firesight Management Center.
Cisco's Firepower Management Center offers capabilities unavailable with Cisco's on-device ASDM tool. Extra features include greater context awareness, Cisco's Advanced Malware Protection (AMP) with remediation for user devices, a console that provides dynamic network visualization, automated policy tuning driven by risk assessment of threats, comprehensive IPS, custom app detectors for Application Visibility and Control, customized health notifications, improved reporting options, and APIs for host input and database access. Hardware-dependent features like clustering, stacking, switching, routing, VPN, and NAT must be handled using the on-box ASDM or the ASA 5500-X command line interface.
Cisco ASA 5500 Adaptive Security Appliances
Cisco ASA 5500 Series Firewalls leverage engineering behind Cisco's PIX 500 Series firewall, the Cisco IPS 4200 Intrusion Prevention System, and Cisco's VPN 3000 model concentrator. These solutions converge on the Cisco ASA 5500 Series Firewall family to offer a platform that stops the broadest range of attacks. Cisco Adaptive Security Appliances (ASA) Firewalls deliver program security, local containment and control, and clean VPN connectivity across the entire product line. This broad scope of protection allows the guarding of any network segment, which includes the most typical attack vectors such as remote sites, LAN-connected internal users, and remote access Virtual Private Networks.
Cisco Adaptive Security Appliances firewalls deliver a high-level of application security through smart, application-aware inspection engines that analyze traffic at Layers 4-7. This produces a safer environment covering Web, voice, and mobile wireless services. To protect networks against application-layer assaults and to provide stronger policing of the applications and protocols utilized in their environments, these inspection engines incorporate broad application and protocol knowledge and rely on protection enforcement solutions such as anomaly detection and application and protocol state monitoring. Also incorporated are attack detection and remediation techniques including application/protocol command filters and URL deobfuscation. Cisco Adaptive Security Appliances (ASA) 5500 Series firewall inspection engines also provide control over IM and peer-to-peer file sharing, enabling businesses to enforce usage policies and free up network bandwidth for important business applications.
For additional details about Progent's consulting services for Cisco's ASA 5500 security appliances, see ASA 5500 series firewalls integration and debugging services.
PIX Firewall Appliances
Based around a tested, purpose-built software platform that delivers a wealth of security features, Cisco PIX security appliances provide excellent security and have been awarded EAL 4 status and ICSA Firewall and IPsec certification. Cisco PIX security appliances offer security for a broad array of Voice over IP and additional multimedia standards including H.323 Version 4, Session Initiation Protocol (SIP), SCCP, RTSP, and MGCP, enabling organizations to safeguard installations of a broad array of current and next-generation VoIP and video applications.
IT managers can also remotely set up, track, and analyze PIX security appliances using a command-line interface (CLI). Safe command-line interface access is available through a number of methods including Secure Shell Protocol, Telnet over IPsec, and out-of-band through a console port. Cisco PIX firewall appliances also include robust auto-update capabilities, a set of revolutionary protected remote-management services that make sure that firewall settings and software images are kept up to date.
For more details about Progent's consulting services for PIX security appliances, visit PIX firewalls configuration and debugging consulting.
Progent's Migration Consulting for Cisco Firewalls
Since Cisco has ceased offering the PIX 500 and ASA 5500 families of firewalls, many businesses are concerned about relying on a critical infrastructure mechanism that might no longer be supported. Cisco ASA 5500-X and Firepower NGFW Series firewalls offer the benefit of being new devices and also offer a number of technical and economic advantages in comparison to PIX devices. These advantages include substantially better performance, optional SSL VPN capability, and a modular architecture that guards your investment by allowing you to self-install more security services whenever you require them. Progent's Cisco experts can help your company to assess the business case for moving from PIX or ASA 5500 security appliances, create a migration process that allows for a fast and non-disruptive changeover, help your IT staff to install new ASA 5500-x or Firepower NGFW Series appliances, and provide remote training, consulting, and troubleshooting services.
Additional Ways Progent Can Help Your Business with Cisco Firewalls
Cisco's Firepower Series, ASA Series, and PIX family firewalls incorporate an array of configuration, monitoring, and analysis options which offer you the flexibility to set up these security appliances to match your company's requirements. Progent's CCIE authorized network professionals can show you how to design a cost-effective network infrastructure that includes Cisco firewall technology and that provides world-class protection, resilience, throughput, and manageability. Progent's GISA and CISM-premier information security professionals can assist your business to create a security strategy that makes sense for your business and can set up your firewall to support your security strategy. Progent's security evaluation professionals can evaluate the strength of your current firewall deployment and help determine the overall security of your entire IS network. Progent’s Technical Response Center can provide urgent remote troubleshooting for Cisco products and offer quick access to a Cisco CCIE expert.
To find out additional details concerning Progent's professional expertise for Cisco technology, pick a subject:
Integration of Cisco and Third-party Security Technology
Progent offers expertise in firewall and VPN products from all major vendors and can help you integrate Cisco technology with additional security solutions to help you build a cost-effective network infrastructure that provides a level of security and flexibility appropriate for your business. Third-party firewall and VPN support services available from Progent include:
If you wish to contact Progent about engineering expertise for Cisco products, call